0e68932fda2da71d8ab56b4a941472f8f4316262c17583550e2c7c422c70642d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e68932fda2da71d8ab56b4a941472f8f4316262c17583550e2c7c422c70642d
Size

495KB
MD5

4f4a069c3b2cd77fea12e9c4c004e33a
SHA1

36ff0ae8ec825c2b9cd1b81f7a43787500edeaca
SHA256

0e68932fda2da71d8ab56b4a941472f8f4316262c17583550e2c7c422c70642d
SHA512

47e04dd87e442be951636187d3ea892f31b2c39df31b088048175794e9c938d5cb3a328cb54fa375e1c3dea7e3b4f981eeb3cc78c05613c99ef3031489dfbe04
SSDEEP

12288:nR1+jSpEoRzUA4Usj5sWUznwnprl76IkNjfCJaqYYNwO:REjSpEoRzU3UEgwnpR76IkEaMNwO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e68932fda2da71d8ab56b4a941472f8f4316262c17583550e2c7c422c70642d

Files

0e68932fda2da71d8ab56b4a941472f8f4316262c17583550e2c7c422c70642d
.exe windows:4 windows x86 arch:x86

30b1b5c4997fd73a7841dcd901a2a0fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
HeapWalk
CompareFileTime
GetProfileIntA
GetModuleHandleA
InterlockedExchange
WaitForSingleObject
FindAtomA
lstrlenA
GetVersion
TlsFree
VirtualProtect
GetAtomNameA
GetConsoleCP
GetStdHandle
GlobalUnlock
GetACP
HeapReAlloc
LoadLibraryA
CloseHandle
GetTickCount

user32

ShowWindow
DialogBoxParamA
PostMessageA
TranslateMessage
EnableScrollBar
SetPropA
InsertMenuA
GetScrollRange
ModifyMenuA
EqualRect
GetMenu
DispatchMessageA
GetWindowTextA
InflateRect
GetMenuStringA
MessageBoxA
SetWindowPos
CreateCaret
LoadIconA
DestroyMenu
CopyRect
GetDlgItem
PostQuitMessage
UpdateWindow
PaintDesktop
SubtractRect
GetKeyboardLayout

msi

MsiEnumProductsA
MsiEnumClientsA
MsiCloseHandle
MsiGetMode
MsiDoActionA

clbcatq

CoRegCleanup

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ